Cybersecurity Summit: Bengaluru
Hybrid Summit April 12 - 14, 2023
With the ongoing global quasi-kinetic cyberwar, enterprises in India are revisiting their state of cybersecurity readiness in gearing up to the new challenges by exploring new ways to fortify their enterprises. The CISOs have the daunting task of unlocking new strategies to fight emerging threats and constantly understand the hacker's moves. In addition, the emergence of IoT has increased the challenges of the inter-connected world, keeping the security leaders on their toes. The virtual world has exposed them to the 'crime-as-a-service' model by which cybercriminals can successfully invade the organizations, making it hard for security teams to respond in real time. Attend ISMG's hybrid cybersecurity Summit to gain insights from global and regional cybersecurity thought leaders on ways to address security challenges and the use of the right technology and frameworks. The summit will cover critical aspects of XDR, data privacy and encryption, dark web, cloud security, IoT, OT security, ransomware, the relevance of quantum computing in cybersecurity, cyber insurance, and many more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Conrad, 25/3, Kensington Rd, Halasuru, Someshwarpura, Bengaluru, Karnataka 560008
Name :
Conrad, 25/3, Kensington Rd, Halasuru, Someshwarpura, Bengaluru, Karnataka 560008
Jacxine Fernandez (Conference Co-Chair)
Vice President - Information Security
Bangalore International Airport Ltd.
Fernandez is the vice president, information security, at Bangalore International Airport. He is a risk management, information security, and business continuity professional with experience in managing risk and security operations and business continuity within complex working environments.
Shaik J. Ahmed
Vice President, Head of Information Security - Risk and Governance
Mashreq Bank
Nitin Dhavate
Data Privacy, Digital & AI (DPDAI) Head – APMA, China, Japan and Global Health
Novartis Healthcare Pvt. Ltd.
Kamal Sharma
Vice President
(ISC)² Bangalore Chapter
Rajsri Rengan
SVP, Head of Development - Banking & Payments
FIS
Sudip Banerjee
Field CTO, APJ
Zscaler
Banerjee is field CTO for Asia-Pacific and Japan region at Zscaler. He is responsible for engaging with CXOs to ensure that customers get the maximum value from the cloud security platform. He has more than 25 years of experience in...
Satyavathi Divadari
Chapter Chair
Cloud Security Alliance Bangalore Chapter (CSA)
Navaneethan .
VP, CISO (Chief Information Security Officer) & DPO
Tata Play Group
Bastin Robin
CTO / Chief Data Scientist
CleverInsight
Manoj Abraham
Additional Director General of Police
Government of Kerala
Visagan Subburayalu
Senior Director Technology - Cybersecurity
Target
Romanus Prabhu Raymond
Director of Product Support
ManageEngine
Raymond is the director of product support for endpoint management and security at ManageEngine, a division of Zoho Corp. He has nearly 20 years of experience spanning legacy client management, modern endpoint management and security solution domains.
Arvind Singh
Chief Technology Officer, Executive Vice President- IT
Puravankara Group
Ritu Verma
Compliance Officer
Pine Labs
Dr. Lopa Mudraa Basuu
Ex. VP ISM CyberSecurity & Technology Controls (APAC & EMEA)
JPMorgan Chase & Co.
Mrutyunjay Mahapatra
Member Board Of Directors and Chairman Audit Committee
Reserve Bank Innovation Hub (RBIH)
Ankit Wasnik
Solutions Architect
Qualys
Suraj Jayaraman
Director, Cloud Security Architect
Microsoft
Prem Nithin R
Director Sales, Emerging India, SAARC
Fortinet
Minatee Mishra
Director
Philips
Avinash Narasimhan
Sales Engineer
OPSWAT
Narasimhan, sales engineer at OPSWAT, India, has more than 10 years of experience in the technology industry. He has an extensive knowledge base in network and cybersecurity and has worked with clients from various verticals including BFSI, enterprise and SMB...
Shyam Krishnamurthy
Country Head and Head of Engineering Travel
AirAsia Super App
As country head, Krishnamurthy is responsible for leading airasia's development center in Bangalore. He has more than 20 years of experience in the internet domain, SaaS, software/product development, e-commerce, enterprise architecture and configuration management.
Arvind Sivaramakrishnan
CIO (Chief Information Officer)
Karkinos Healthcare
Anuj Bhansali
Head - Trust & Safety
PhonePe
Shilpa Singh
Vice President- Cyber & Data Resiliency
Wells Fargo
Shobha Jagatpal
Managing Director: Global Head Enterprise Security Platforms, India CISO
Morgan Stanley
Sridhar Govardhan
Senior Vice President and Head of Information Security
CoinDCX
Sridhar Sidhu (Conference Chair)
Senior Vice President and Head of Information Security Services Group
Wells Fargo
View Agenda
Welcome and Opening Remarks
Jacxine Fernandez (Conference Co-Chair), Vice President - Information Security, Bangalore International Airport Ltd.
Sridhar Sidhu (Conference Chair), Senior Vice President and Head of Information Security Services Group, Wells Fargo

Conference Chairperson  

  • Sridhar Sidhu, Senior Vice President and Head of Information Security Services Group, Wells Fargo 

Conference Co-Chair  

  • Jacxine Fernandez, VP – Information Security & ICT Governance, Bangalore International Airport Ltd. 

Advisory Members  

  • Elavarasu A K, Senior Vice President & CISO, Mphasis 

  • Kumar KV, Group Chief Information Officer, Narayana Health 

  • Manoj Kuruvanthody, CISO & DPO, Tredence Inc. 

  • Ratan Jyoti, Chief Information Security Officer (CISO), Ujjivan Small Finance Bank Ltd. 

  • Visagan Subburayalu, Sr. Director-Technology, Cybersecurity, Target 

Jacxine  Fernandez (Conference Co-Chair)
Sridhar  Sidhu (Conference Chair)
  • 08:26 AM
  • 09:14 AM
Plenary: Dark Web and Threat Intelligence: Understanding Your Enemy
Manoj Abraham, Additional Director General of Police, Government of Kerala

The big challenge impacting enterprise security today is the dark web - a seemingly ungovernable subset of the internet where you can browse and communicate with complete anonymity. Through the use of the dark web and cryptocurrencies, criminals have been able to successfully run the “crime-as-a-service" model. However, businesses and the security agencies have been able to make very little, if any, impact. 

How can you make your enterprises cybercrime-resilient, and how should law enforcement respond to this menace? How do security practitioners leverage threat intelligence capabilities to navigate through the dark web? 

The session will cover:   

  • Challenges posed by the dark web and cryptocurrencies for enterprise security   

  • How is law enforcement responding to the investigation process and building technical capabilities?  

  • New techniques and approaches used to combat security threats from the dark web   

  • Actionable threat intelligence capabilities in understanding the enemy 

Manoj  Abraham
  • 09:15 AM
  • 09:44 AM
Keynote: Global Security Challenges and Opportunities in 2023
Mrutyunjay Mahapatra , Member Board Of Directors and Chairman Audit Committee, Reserve Bank Innovation Hub (RBIH)

Among other things, 2022 will be remembered for the Russian invasion of Ukraine and the cyberwarfare that transpired between the two nations. There has also been a significant increase in ransomware attacks on critical infrastructures globally in 2022, including AIIMS, one of India’s leading medical institutes. Following cyberattacks on its critical infrastructure, the Costa Rican government had to declare a national emergency.    

Given the sophistication of the threat landscape, how must India be prepared? What are the new security challenges and opportunities in 2023?   

The keynote will cover:   

  • Global innovations: how disruptive are they for security ecosystem 

  • What global partnerships can we form to strengthen our cybersecurity policies? 

  • New technologies and frameworks used in enhancing the security posture 

  • What are the key takeaways CISOs need to learn to respond to the challenges?     

  • Consolidation/Rationalization of Regulation   

Mrutyunjay  Mahapatra
  • 09:50 AM
  • 10:19 AM
Balancing Protection and Productivity: The UEM Approach
Romanus Prabhu Raymond, Director of Product Support, ManageEngine

Due to the widespread adoption of cloud solutions and remote work in the wake of the COVID-19 pandemic, the attack surfaces of most organizations have experienced a significant increase. To counter this, organizations today need to implement the right cybersecurity strategies for endpoints. 

The session will cover:

  • Business-focused security and employee-friendly practices with unified endpoint management;
  • The right response and recovery strategy for endpoints to enhance cybersecurity;
  • A practical approach to protect the endpoints for a secure user access.


Romanus Prabhu Raymond
  • 10:25 AM
  • 10:54 AM
Networking Break
  • 10:55 AM
  • 11:09 AM
Trust No File: Protection Against File-Borne Malware
Avinash Narasimhan , Sales Engineer , OPSWAT

File transfer is integral to every organization's day-to-day business and operations, and the risk of malicious files infiltrating your system and storage is rising. On the other side, files have been a common form of threat vector. Hence, organizations need to ensure necessary controls against files in transit and files at rest and a comprehensive security strategy to mitigate risks arising from this vulnerability.

The session will cover:

  • Protection against known file transfer threats using multiple layers of protection;
  • Trust nothing and verify using the zero trust framework with deep CDR technology;
  • Applying the next-gen sandboxing tools.
Avinash Narasimhan
  • 11:10 AM
  • 11:39 AM
Fortinet Security Fabric: A Collaborative Defense
Prem Nithin R, Director Sales, Emerging India, SAARC , Fortinet

The rapid evolution and sophistication of cyberattacks and the migration of assets to hybrid multi-cloud are creating a complete storm. It’s time to move past siloed security to a more collaborative and flexible approach to security. 

 Organizations are trying cybersecurity mesh architecture designed to make security more composable and scalable by modularizing security functions and enabling them to interoperate through a set of supportive layers. Like zero trust, the cybersecurity web is focused on reimagining the boundaries of the identity layer and bringing together disparate security tools into a single, interoperable ecosystem. 

The session will cover:

  • How to secure more with less;
  • Establishing intelligent security by design;
  • Enhancing security collaboration and integration.
Prem Nithin R
  • 11:45 AM
  • 12:04 PM
Spotlight: SaaS for Cyber Core Services: Are CISOs Tuned In?
Shobha Jagatpal , Managing Director: Global Head Enterprise Security Platforms, India CISO, Morgan Stanley

SaaS solutions are among the fastest-growing segments in the IT industry. According to McKinsey, the global SaaS market - currently worth about $3 trillion - is estimated to surge to $10 trillion by 2030. This implies that gains from revenue, lower overhead, offloading complex technical work to SaaS providers, and scaling with elasticity should all be balanced with availability of security controls in the offerings so that security-related risks can be managed at acceptable levels. Zooming into the available options and nailing few security controls that can help address core security considerations for control implementation and governance require qualitative and quantitative assurance along with risk acceptances.  

Attendees will gain insight into scenarios, learnings, practical challenges and risk acceptances for consuming SaaS offerings for core security services. 

The session will cover: 

  • Best practices and security controls to be assessed for core security SaaS solutions; 

  • Continuous monitoring and vigilance requisites; 

  • Critical data protection characteristics for compliance and assurance needs. 

Shobha  Jagatpal
  • 12:10 PM
  • 12:34 PM
Fireside Chat: A Debate: Data Privacy vs. InfoSec vs IT: Being on the Same Track
Nitin Dhavate, Data Privacy, Digital & AI (DPDAI) Head – APMA, China, Japan and Global Health, Novartis Healthcare Pvt. Ltd.
Arvind Sivaramakrishnan , CIO (Chief Information Officer) , Karkinos Healthcare
Navaneethan ., VP, CISO (Chief Information Security Officer) & DPO, Tata Play Group
Sridhar Govardhan , Senior Vice President and Head of Information Security , CoinDCX

A debate between a data privacy officer, a CIO and a CISO on how to juxtapose privacy and security to achieve total compliance. 

The session will cover: 

  • Establishing compliance with complex regulations along with privacy and security 

  • Privacy by design in security controls 

  • Privacy journey from legacy to controls 

Nitin  Dhavate
Arvind  Sivaramakrishnan
Navaneethan .
Sridhar  Govardhan
  • 12:40 PM
  • 01:04 PM
Lunch Break
  • 01:05 PM
  • 02:14 PM
Panel Discussion: Are Digital Currencies the Future? The Security Debate
Rajsri Rengan , SVP, Head of Development - Banking & Payments , FIS
Ritu Verma, Compliance Officer, Pine Labs
Shaik J. Ahmed, Vice President, Head of Information Security - Risk and Governance, Mashreq Bank

The Reserve Bank of India has been holding discussions to understand the scope of cryptocurrency in the Indian economy and to formulate regulations and a proper system to govern this. It is also warning cryptocurrency users and traders about the risks associated with the system.  

However, experts say bitcoin usage by Indian companies is gaining momentum, and cryptocurrency now has more than five million users in the country.  

Reports say over 3,000 investments in India were being done with bitcoin daily.       

The panel will discuss:   

  • Assessing the risks associated with the use of bitcoin  

  • Are security leaders prepared for the bitcoin regime?  

  • Establishing secure transactions using bitcoin   

Rajsri  Rengan
Ritu  Verma
Shaik  J. Ahmed
  • 02:15 PM
  • 02:44 PM
Implementing Zero Trust and Gaining Buy-In: Practical Strategies for Success
Sudip Banerjee, Field CTO, APJ, Zscaler

Recent reports on zero trust adoption show that 96% of organizations in India either have a zero trust strategy or are in the process of doing so. Despite the wide adoption of zero trust, getting management buy-in is not easy. Cost, legacy infrastructure and complicated deployment are factors that often derail its implementation. What are some practical strategies to implement zero trust and how to get your 'house in order' before going for a zero trust strategy?

The session will cover: 

  • Essential steps to starting the zero trust journey;
  • Key considerations for getting the management buy-in for a zero trust implementation;
  • Essential frameworks for a smooth zero trust implementation.
Sudip Banerjee
  • 02:50 PM
  • 03:19 PM
  • 03:25 PM
  • 03:54 PM
General Session
Ankit  Wasnik
Setting Realistic Cybersecurity Goals: Assessing Risk Inventory and Limitations
Ankit Wasnik, Solutions Architect, Qualys

Most Indian enterprises consider themselves as being above average or better in their cyber preparedness than their competitors in responding to threats, according to an analytics firm’s survey with senior cyber executives.  

However, the most critical aspect of a successful cybersecurity program is doing the basics right, which has a direct impact on the efficacy of the program. It’s similar to the game of Zenga puzzle, where you need the foundation to be strong while you make efforts to consolidate your teams, tool stack, spends. The biggest challenge for organizations today is to get their basics right in cybersecurity.

The session will discuss:

·       Setting the practical goals around  inventory, detection, and remediation engineering

·       Enhancing the cyber health of the organization at scale and risk reduction

·       Assessing external risks, limitations, commitments, and resources

  • 03:25 PM
  • 03:54 PM
General Session
Ankit  Wasnik
Setting Realistic Cybersecurity Goals: Assessing Risk Inventory and Limitation
Ankit Wasnik, Solutions Architect, Qualys

Most Indian enterprises consider themselves as being above average or better in their cyber preparedness than their competitors in responding to threats, according to an analytics firm’s survey with senior cyber executives.  

However, the most critical aspect of a successful cybersecurity program is doing the basics right, which has a direct impact on the efficacy of the program. It’s similar to the game of Zenga puzzle, where you need the foundation to be strong while you make efforts to consolidate your teams, tool stack, spends. The biggest challenge for organizations today is to get their basics right in cybersecurity.

The session will discuss:

·       Setting the practical goals around  inventory, detection, and remediation engineering

·       Enhancing the cyber health of the organization at scale and risk reduction

·       Assessing external risks, limitations, commitments, and resources

Panel Discussion: Building Cyber Resiliency by Design: Effective Frameworks
Arvind Singh , Chief Technology Officer, Executive Vice President- IT , Puravankara Group
Kamal Sharma , Vice President , (ISC)² Bangalore Chapter
Minatee Mishra, Director, Philips
Shilpa Singh , Vice President- Cyber & Data Resiliency , Wells Fargo

As organizations embrace (and accelerate) digitalization to offer new and innovative services, the vulnerabilities associated with data and technology will increase. According to research, cybercrime damage is expected to reach $8 trillion in 2023. Almost every organization will be impacted by a cyberattack this year, and it is crucial for businesses to rethink their risk management and incident response strategies.  

In the face of an increasing threat landscape, with the growing volume and sophistication of attacks, companies need more than a security solution or governance policy to be prepared for these attacks.  

They need a proactive and integrated approach with threat monitoring, threat intelligence, and end-to-end managed services.  

That's where cyber resilience comes in. It is not an afterthought, but needs to be built by design. 

The panel will discuss:   

  • The importance of cyber resilience in today's context, and how do you achieve it in your organization 

  • Cyber resilience versus cybersecurity 

  • How to create a bullet-proof incident response plan 

  • The need for cyber resilience solutions and frameworks

Arvind  Singh
Kamal  Sharma
Minatee  Mishra
Shilpa  Singh
  • 04:00 PM
  • 04:29 PM
Future of Security: Threats and Opportunities
Suraj Jayaraman , Director, Cloud Security Architect, Microsoft

Ransomware attacks are becoming inevitable as bad actors exploit the weakest link of cyber defense - humans. The goal of cyber resilience is to transform business expectations and guarantee that businesses face a less-than-significant impact from a cyberattack. NIST defines cyber resiliency as the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses and attacks by cyber resources. The recovery process needs to ensure not only a quick recovery but also a quicker return to business. What is your current cyber recovery strategy? What challenges are you facing under recovery? 

The session will cover:

How much to rely on backups

Practicality of creating an alternate environment

Leveraging cloud for better resilience

Suraj  Jayaraman
  • 04:35 PM
  • 04:49 PM
Networking Break
  • 04:50 PM
  • 04:59 PM
Fireside Chat: Payments Fraud: How to Stop Cyber Perpetrators
Dr. Lopa Mudraa Basuu , Ex. VP ISM CyberSecurity & Technology Controls (APAC & EMEA) , JPMorgan Chase & Co.
Anuj Bhansali , Head - Trust & Safety , PhonePe

More than 90% of consumers around the world rely on online payments, according to a research study. This, however, brings with it an increase in transaction fraud. Fraudsters are relying on synthetic IDs to carry out various card-related frauds. 

Social engineering is also increasingly becoming a deceptive tactic to trick people into divulging information. With so much going on, how can the payment industry tackle the new-age methods to reduce fraud? 

  

The session will cover:   

•            The new forms of fraud tactics 

•            The shortcomings of the current defensive approach 

•            What needs to change in 2023 

Dr. Lopa  Mudraa Basuu
Anuj  Bhansali
  • 05:00 PM
  • 05:24 PM
Panel Discussion: Enabling Business Growth in the VUCA World: CISOs’ Action Plan for 2023
Shyam Krishnamurthy , Country Head and Head of Engineering Travel, AirAsia Super App
Satyavathi Divadari , Chapter Chair , Cloud Security Alliance Bangalore Chapter (CSA)
Visagan Subburayalu , Senior Director Technology - Cybersecurity, Target
Bastin Robin , CTO / Chief Data Scientist, CleverInsight

We are living in a VUCA world – a world that is volatile, uncertain, complex and ambiguous.  As per India’s policymakers, VUCA is nothing but the  AAJA world - Asthirata, which means volatility or a high rate of change; Anishchita, which means uncertainty and lack of clarity about the present and the future; Jatilata, which means complexity concerning multiple factors that impact critical decisions; and Aspashtata, which means ambiguity about the unprecedented and challenging times in the industry.  

  

We are into 2023, and are witnessing growing chaos in the cybersecurity domain with multiple forms of attacks targeting enterprises.  

  

What kind of conversations do the security teams need to have, what should be their strategies and what is their focus area?  

  

The panel will discuss:    

  • Cybersecurity lessons learned from economic uncertainty  

  • New forms of security defenses enterprises have adopted in 2023  

  • What’s top of mind for CISOs in tackling this situation 

Shyam  Krishnamurthy
Satyavathi  Divadari
Visagan 	 Subburayalu
Bastin  Robin
  • 05:30 PM
  • 05:59 PM
Closing Remarks followed by Cocktail and Networking
  • 06:00 PM
  • 06:14 PM

With the ongoing global quasi-kinetic cyberwar, enterprises in India are revisiting their state of cybersecurity readiness in gearing up to the new challenges by exploring new ways to fortify their enterprises. The CISOs have the daunting task of unlocking new strategies to fight emerging threats and constantly understand the hacker's moves. In addition, the emergence of IoT has increased the challenges of the inter-connected world, keeping the security leaders on their toes. The virtual world has exposed them to the 'crime-as-a-service' model by which cybercriminals can successfully invade the organizations, making it hard for security teams to respond in real time. Attend ISMG's hybrid cybersecurity Summit to gain insights from global and regional cybersecurity thought leaders on ways to address security challenges and the use of the right technology and frameworks. The summit will cover critical aspects of XDR, data privacy and encryption, dark web, cloud security, IoT, OT security, ransomware, the relevance of quantum computing in cybersecurity, cyber insurance, and many more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Conrad, 25/3, Kensington Rd, Halasuru, Someshwarpura, Bengaluru, Karnataka 560008
Name :
Conrad, 25/3, Kensington Rd, Halasuru, Someshwarpura, Bengaluru, Karnataka 560008

Jacxine Fernandez (Conference Co-Chair)
Vice President - Information Security
Bangalore International Airport Ltd.
Fernandez is the vice president, information security, at Bangalore International Airport. He is a risk management, information security, and business continuity professional with experience in managing risk and security operations and business continuity within complex working environments.
Shaik J. Ahmed
Vice President, Head of Information Security - Risk and Governance
Mashreq Bank
Nitin Dhavate
Data Privacy, Digital & AI (DPDAI) Head – APMA, China, Japan and Global Health
Novartis Healthcare Pvt. Ltd.
Kamal Sharma
Vice President
(ISC)² Bangalore Chapter
Rajsri Rengan
SVP, Head of Development - Banking & Payments
FIS
Sudip Banerjee
Field CTO, APJ
Zscaler
Banerjee is field CTO for Asia-Pacific and Japan region at Zscaler. He is responsible for engaging with CXOs to ensure that customers get the maximum value from the cloud security platform. He has more than 25 years of experience in...
Satyavathi Divadari
Chapter Chair
Cloud Security Alliance Bangalore Chapter (CSA)
Navaneethan .
VP, CISO (Chief Information Security Officer) & DPO
Tata Play Group
Bastin Robin
CTO / Chief Data Scientist
CleverInsight
Manoj Abraham
Additional Director General of Police
Government of Kerala
Visagan Subburayalu
Senior Director Technology - Cybersecurity
Target
Romanus Prabhu Raymond
Director of Product Support
ManageEngine
Raymond is the director of product support for endpoint management and security at ManageEngine, a division of Zoho Corp. He has nearly 20 years of experience spanning legacy client management, modern endpoint management and security solution domains.
Arvind Singh
Chief Technology Officer, Executive Vice President- IT
Puravankara Group
Ritu Verma
Compliance Officer
Pine Labs
Dr. Lopa Mudraa Basuu
Ex. VP ISM CyberSecurity & Technology Controls (APAC & EMEA)
JPMorgan Chase & Co.
Mrutyunjay Mahapatra
Member Board Of Directors and Chairman Audit Committee
Reserve Bank Innovation Hub (RBIH)
Ankit Wasnik
Solutions Architect
Qualys
Suraj Jayaraman
Director, Cloud Security Architect
Microsoft
Prem Nithin R
Director Sales, Emerging India, SAARC
Fortinet
Minatee Mishra
Director
Philips
Avinash Narasimhan
Sales Engineer
OPSWAT
Narasimhan, sales engineer at OPSWAT, India, has more than 10 years of experience in the technology industry. He has an extensive knowledge base in network and cybersecurity and has worked with clients from various verticals including BFSI, enterprise and SMB...
Shyam Krishnamurthy
Country Head and Head of Engineering Travel
AirAsia Super App
As country head, Krishnamurthy is responsible for leading airasia's development center in Bangalore. He has more than 20 years of experience in the internet domain, SaaS, software/product development, e-commerce, enterprise architecture and configuration management.
Arvind Sivaramakrishnan
CIO (Chief Information Officer)
Karkinos Healthcare
Anuj Bhansali
Head - Trust & Safety
PhonePe
Shilpa Singh
Vice President- Cyber & Data Resiliency
Wells Fargo
Shobha Jagatpal
Managing Director: Global Head Enterprise Security Platforms, India CISO
Morgan Stanley
Sridhar Govardhan
Senior Vice President and Head of Information Security
CoinDCX
Sridhar Sidhu (Conference Chair)
Senior Vice President and Head of Information Security Services Group
Wells Fargo

View Agenda
Welcome and Opening Remarks
Jacxine Fernandez (Conference Co-Chair), Vice President - Information Security, Bangalore International Airport Ltd.
Sridhar Sidhu (Conference Chair), Senior Vice President and Head of Information Security Services Group, Wells Fargo

Conference Chairperson  

  • Sridhar Sidhu, Senior Vice President and Head of Information Security Services Group, Wells Fargo 

Conference Co-Chair  

  • Jacxine Fernandez, VP – Information Security & ICT Governance, Bangalore International Airport Ltd. 

Advisory Members  

  • Elavarasu A K, Senior Vice President & CISO, Mphasis 

  • Kumar KV, Group Chief Information Officer, Narayana Health 

  • Manoj Kuruvanthody, CISO & DPO, Tredence Inc. 

  • Ratan Jyoti, Chief Information Security Officer (CISO), Ujjivan Small Finance Bank Ltd. 

  • Visagan Subburayalu, Sr. Director-Technology, Cybersecurity, Target 

Jacxine  Fernandez (Conference Co-Chair)
Sridhar  Sidhu (Conference Chair)
  • 08:26 AM
  • 09:14 AM
Plenary: Dark Web and Threat Intelligence: Understanding Your Enemy
Manoj Abraham, Additional Director General of Police, Government of Kerala

The big challenge impacting enterprise security today is the dark web - a seemingly ungovernable subset of the internet where you can browse and communicate with complete anonymity. Through the use of the dark web and cryptocurrencies, criminals have been able to successfully run the “crime-as-a-service" model. However, businesses and the security agencies have been able to make very little, if any, impact. 

How can you make your enterprises cybercrime-resilient, and how should law enforcement respond to this menace? How do security practitioners leverage threat intelligence capabilities to navigate through the dark web? 

The session will cover:   

  • Challenges posed by the dark web and cryptocurrencies for enterprise security   

  • How is law enforcement responding to the investigation process and building technical capabilities?  

  • New techniques and approaches used to combat security threats from the dark web   

  • Actionable threat intelligence capabilities in understanding the enemy 

Manoj  Abraham
  • 09:15 AM
  • 09:44 AM
Keynote: Global Security Challenges and Opportunities in 2023
Mrutyunjay Mahapatra , Member Board Of Directors and Chairman Audit Committee, Reserve Bank Innovation Hub (RBIH)

Among other things, 2022 will be remembered for the Russian invasion of Ukraine and the cyberwarfare that transpired between the two nations. There has also been a significant increase in ransomware attacks on critical infrastructures globally in 2022, including AIIMS, one of India’s leading medical institutes. Following cyberattacks on its critical infrastructure, the Costa Rican government had to declare a national emergency.    

Given the sophistication of the threat landscape, how must India be prepared? What are the new security challenges and opportunities in 2023?   

The keynote will cover:   

  • Global innovations: how disruptive are they for security ecosystem 

  • What global partnerships can we form to strengthen our cybersecurity policies? 

  • New technologies and frameworks used in enhancing the security posture 

  • What are the key takeaways CISOs need to learn to respond to the challenges?     

  • Consolidation/Rationalization of Regulation   

Mrutyunjay  Mahapatra
  • 09:50 AM
  • 10:19 AM
Balancing Protection and Productivity: The UEM Approach
Romanus Prabhu Raymond, Director of Product Support, ManageEngine

Due to the widespread adoption of cloud solutions and remote work in the wake of the COVID-19 pandemic, the attack surfaces of most organizations have experienced a significant increase. To counter this, organizations today need to implement the right cybersecurity strategies for endpoints. 

The session will cover:

  • Business-focused security and employee-friendly practices with unified endpoint management;
  • The right response and recovery strategy for endpoints to enhance cybersecurity;
  • A practical approach to protect the endpoints for a secure user access.


Romanus Prabhu Raymond
  • 10:25 AM
  • 10:54 AM
Networking Break
  • 10:55 AM
  • 11:09 AM
Trust No File: Protection Against File-Borne Malware
Avinash Narasimhan , Sales Engineer , OPSWAT

File transfer is integral to every organization's day-to-day business and operations, and the risk of malicious files infiltrating your system and storage is rising. On the other side, files have been a common form of threat vector. Hence, organizations need to ensure necessary controls against files in transit and files at rest and a comprehensive security strategy to mitigate risks arising from this vulnerability.

The session will cover:

  • Protection against known file transfer threats using multiple layers of protection;
  • Trust nothing and verify using the zero trust framework with deep CDR technology;
  • Applying the next-gen sandboxing tools.
Avinash Narasimhan
  • 11:10 AM
  • 11:39 AM
Fortinet Security Fabric: A Collaborative Defense
Prem Nithin R, Director Sales, Emerging India, SAARC , Fortinet

The rapid evolution and sophistication of cyberattacks and the migration of assets to hybrid multi-cloud are creating a complete storm. It’s time to move past siloed security to a more collaborative and flexible approach to security. 

 Organizations are trying cybersecurity mesh architecture designed to make security more composable and scalable by modularizing security functions and enabling them to interoperate through a set of supportive layers. Like zero trust, the cybersecurity web is focused on reimagining the boundaries of the identity layer and bringing together disparate security tools into a single, interoperable ecosystem. 

The session will cover:

  • How to secure more with less;
  • Establishing intelligent security by design;
  • Enhancing security collaboration and integration.
Prem Nithin R
  • 11:45 AM
  • 12:04 PM
Spotlight: SaaS for Cyber Core Services: Are CISOs Tuned In?
Shobha Jagatpal , Managing Director: Global Head Enterprise Security Platforms, India CISO, Morgan Stanley

SaaS solutions are among the fastest-growing segments in the IT industry. According to McKinsey, the global SaaS market - currently worth about $3 trillion - is estimated to surge to $10 trillion by 2030. This implies that gains from revenue, lower overhead, offloading complex technical work to SaaS providers, and scaling with elasticity should all be balanced with availability of security controls in the offerings so that security-related risks can be managed at acceptable levels. Zooming into the available options and nailing few security controls that can help address core security considerations for control implementation and governance require qualitative and quantitative assurance along with risk acceptances.  

Attendees will gain insight into scenarios, learnings, practical challenges and risk acceptances for consuming SaaS offerings for core security services. 

The session will cover: 

  • Best practices and security controls to be assessed for core security SaaS solutions; 

  • Continuous monitoring and vigilance requisites; 

  • Critical data protection characteristics for compliance and assurance needs. 

Shobha  Jagatpal
  • 12:10 PM
  • 12:34 PM
Fireside Chat: A Debate: Data Privacy vs. InfoSec vs IT: Being on the Same Track
Nitin Dhavate, Data Privacy, Digital & AI (DPDAI) Head – APMA, China, Japan and Global Health, Novartis Healthcare Pvt. Ltd.
Arvind Sivaramakrishnan , CIO (Chief Information Officer) , Karkinos Healthcare
Navaneethan ., VP, CISO (Chief Information Security Officer) & DPO, Tata Play Group
Sridhar Govardhan , Senior Vice President and Head of Information Security , CoinDCX

A debate between a data privacy officer, a CIO and a CISO on how to juxtapose privacy and security to achieve total compliance. 

The session will cover: 

  • Establishing compliance with complex regulations along with privacy and security 

  • Privacy by design in security controls 

  • Privacy journey from legacy to controls 

Nitin  Dhavate
Arvind  Sivaramakrishnan
Navaneethan .
Sridhar  Govardhan
  • 12:40 PM
  • 01:04 PM
Lunch Break
  • 01:05 PM
  • 02:14 PM
Panel Discussion: Are Digital Currencies the Future? The Security Debate
Rajsri Rengan , SVP, Head of Development - Banking & Payments , FIS
Ritu Verma, Compliance Officer, Pine Labs
Shaik J. Ahmed, Vice President, Head of Information Security - Risk and Governance, Mashreq Bank

The Reserve Bank of India has been holding discussions to understand the scope of cryptocurrency in the Indian economy and to formulate regulations and a proper system to govern this. It is also warning cryptocurrency users and traders about the risks associated with the system.  

However, experts say bitcoin usage by Indian companies is gaining momentum, and cryptocurrency now has more than five million users in the country.  

Reports say over 3,000 investments in India were being done with bitcoin daily.       

The panel will discuss:   

  • Assessing the risks associated with the use of bitcoin  

  • Are security leaders prepared for the bitcoin regime?  

  • Establishing secure transactions using bitcoin   

Rajsri  Rengan
Ritu  Verma
Shaik  J. Ahmed
  • 02:15 PM
  • 02:44 PM
Implementing Zero Trust and Gaining Buy-In: Practical Strategies for Success
Sudip Banerjee, Field CTO, APJ, Zscaler

Recent reports on zero trust adoption show that 96% of organizations in India either have a zero trust strategy or are in the process of doing so. Despite the wide adoption of zero trust, getting management buy-in is not easy. Cost, legacy infrastructure and complicated deployment are factors that often derail its implementation. What are some practical strategies to implement zero trust and how to get your 'house in order' before going for a zero trust strategy?

The session will cover: 

  • Essential steps to starting the zero trust journey;
  • Key considerations for getting the management buy-in for a zero trust implementation;
  • Essential frameworks for a smooth zero trust implementation.
Sudip Banerjee
  • 02:50 PM
  • 03:19 PM
  • 03:25 PM
  • 03:54 PM
General Session
Ankit  Wasnik
Setting Realistic Cybersecurity Goals: Assessing Risk Inventory and Limitations
Ankit Wasnik, Solutions Architect, Qualys

Most Indian enterprises consider themselves as being above average or better in their cyber preparedness than their competitors in responding to threats, according to an analytics firm’s survey with senior cyber executives.  

However, the most critical aspect of a successful cybersecurity program is doing the basics right, which has a direct impact on the efficacy of the program. It’s similar to the game of Zenga puzzle, where you need the foundation to be strong while you make efforts to consolidate your teams, tool stack, spends. The biggest challenge for organizations today is to get their basics right in cybersecurity.

The session will discuss:

·       Setting the practical goals around  inventory, detection, and remediation engineering

·       Enhancing the cyber health of the organization at scale and risk reduction

·       Assessing external risks, limitations, commitments, and resources

  • 03:25 PM
  • 03:54 PM
General Session
Ankit  Wasnik
Setting Realistic Cybersecurity Goals: Assessing Risk Inventory and Limitation
Ankit Wasnik, Solutions Architect, Qualys

Most Indian enterprises consider themselves as being above average or better in their cyber preparedness than their competitors in responding to threats, according to an analytics firm’s survey with senior cyber executives.  

However, the most critical aspect of a successful cybersecurity program is doing the basics right, which has a direct impact on the efficacy of the program. It’s similar to the game of Zenga puzzle, where you need the foundation to be strong while you make efforts to consolidate your teams, tool stack, spends. The biggest challenge for organizations today is to get their basics right in cybersecurity.

The session will discuss:

·       Setting the practical goals around  inventory, detection, and remediation engineering

·       Enhancing the cyber health of the organization at scale and risk reduction

·       Assessing external risks, limitations, commitments, and resources

Panel Discussion: Building Cyber Resiliency by Design: Effective Frameworks
Arvind Singh , Chief Technology Officer, Executive Vice President- IT , Puravankara Group
Kamal Sharma , Vice President , (ISC)² Bangalore Chapter
Minatee Mishra, Director, Philips
Shilpa Singh , Vice President- Cyber & Data Resiliency , Wells Fargo

As organizations embrace (and accelerate) digitalization to offer new and innovative services, the vulnerabilities associated with data and technology will increase. According to research, cybercrime damage is expected to reach $8 trillion in 2023. Almost every organization will be impacted by a cyberattack this year, and it is crucial for businesses to rethink their risk management and incident response strategies.  

In the face of an increasing threat landscape, with the growing volume and sophistication of attacks, companies need more than a security solution or governance policy to be prepared for these attacks.  

They need a proactive and integrated approach with threat monitoring, threat intelligence, and end-to-end managed services.  

That's where cyber resilience comes in. It is not an afterthought, but needs to be built by design. 

The panel will discuss:   

  • The importance of cyber resilience in today's context, and how do you achieve it in your organization 

  • Cyber resilience versus cybersecurity 

  • How to create a bullet-proof incident response plan 

  • The need for cyber resilience solutions and frameworks

Arvind  Singh
Kamal  Sharma
Minatee  Mishra
Shilpa  Singh
  • 04:00 PM
  • 04:29 PM
Future of Security: Threats and Opportunities
Suraj Jayaraman , Director, Cloud Security Architect, Microsoft

Ransomware attacks are becoming inevitable as bad actors exploit the weakest link of cyber defense - humans. The goal of cyber resilience is to transform business expectations and guarantee that businesses face a less-than-significant impact from a cyberattack. NIST defines cyber resiliency as the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses and attacks by cyber resources. The recovery process needs to ensure not only a quick recovery but also a quicker return to business. What is your current cyber recovery strategy? What challenges are you facing under recovery? 

The session will cover:

How much to rely on backups

Practicality of creating an alternate environment

Leveraging cloud for better resilience

Suraj  Jayaraman
  • 04:35 PM
  • 04:49 PM
Networking Break
  • 04:50 PM
  • 04:59 PM
Fireside Chat: Payments Fraud: How to Stop Cyber Perpetrators
Dr. Lopa Mudraa Basuu , Ex. VP ISM CyberSecurity & Technology Controls (APAC & EMEA) , JPMorgan Chase & Co.
Anuj Bhansali , Head - Trust & Safety , PhonePe

More than 90% of consumers around the world rely on online payments, according to a research study. This, however, brings with it an increase in transaction fraud. Fraudsters are relying on synthetic IDs to carry out various card-related frauds. 

Social engineering is also increasingly becoming a deceptive tactic to trick people into divulging information. With so much going on, how can the payment industry tackle the new-age methods to reduce fraud? 

  

The session will cover:   

•            The new forms of fraud tactics 

•            The shortcomings of the current defensive approach 

•            What needs to change in 2023 

Dr. Lopa  Mudraa Basuu
Anuj  Bhansali
  • 05:00 PM
  • 05:24 PM
Panel Discussion: Enabling Business Growth in the VUCA World: CISOs’ Action Plan for 2023
Shyam Krishnamurthy , Country Head and Head of Engineering Travel, AirAsia Super App
Satyavathi Divadari , Chapter Chair , Cloud Security Alliance Bangalore Chapter (CSA)
Visagan Subburayalu , Senior Director Technology - Cybersecurity, Target
Bastin Robin , CTO / Chief Data Scientist, CleverInsight

We are living in a VUCA world – a world that is volatile, uncertain, complex and ambiguous.  As per India’s policymakers, VUCA is nothing but the  AAJA world - Asthirata, which means volatility or a high rate of change; Anishchita, which means uncertainty and lack of clarity about the present and the future; Jatilata, which means complexity concerning multiple factors that impact critical decisions; and Aspashtata, which means ambiguity about the unprecedented and challenging times in the industry.  

  

We are into 2023, and are witnessing growing chaos in the cybersecurity domain with multiple forms of attacks targeting enterprises.  

  

What kind of conversations do the security teams need to have, what should be their strategies and what is their focus area?  

  

The panel will discuss:    

  • Cybersecurity lessons learned from economic uncertainty  

  • New forms of security defenses enterprises have adopted in 2023  

  • What’s top of mind for CISOs in tackling this situation 

Shyam  Krishnamurthy
Satyavathi  Divadari
Visagan 	 Subburayalu
Bastin  Robin
  • 05:30 PM
  • 05:59 PM
Closing Remarks followed by Cocktail and Networking
  • 06:00 PM
  • 06:14 PM

Speaker Interviews

April 12 - 14, 2023

Cybersecurity Summit: Bengaluru